Hi, I finally got windows data into security onion. But I dont see sysmon categories?
But I do show windows_events?
are windows_eventlogs the same as sysmon maybe? not sure.
thanks for any suggestions or advice
are windows_eventlogs the same as sysmon maybe? not sure.
Without wanting to be dismissive, this looks to be an security onion implementation question rather than a Kibana one. It might be worth asking on their forums.
Thanks warkolm,yes, I did that as well. I thought that because kibana is showing the windows_eventlogs module that I would ask you folks.
I think i will ask the microsoft forum as well.
thanks
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.